Posted
by
Soulskill
on Friday August 14, 2015 @02:21PM
from the do-you-want-to-play-a-game dept.

Penguinisto writes: According to Ars Technica, Windows 10 will still send telemetry and other data to Microsoft-owned domains — no matter how tightly you crank down the privacy settings. Even with everything buttoned down, Cortana, OneDrive, and Web Search from the Start Menu disabled, the OS still phones home, using a random system ID that persists across reboots. It apparently also tries to bypass proxies to do it. "Some of the traffic looks harmless but feels like it shouldn't be happening. For example, even with no Live tiles pinned to Start (and hence no obvious need to poll for new tile data), Windows 10 seems to download new tile info from MSN's network from time to time, using unencrypted HTTP to do so. ... Other traffic looks a little more troublesome. Windows 10 will periodically send data to a Microsoft server named ssw.live.com. ... The exact nature of the information being sent isn't clear—it appears to be referencing telemetry settings—and again, it's not clear why any data is being sent at all. We disabled telemetry on our test machine using group policies."

Are Live tiles pinned to your start bar completely independent of user, or do different users have different settings for that? Response times and reactivity are king. Making sure the data is already there when a different user logs on, or when you go to the page to see what's available, is a thing.

Not saying there shouldn't be an easy way to really turn it off, but "no obvious need to poll" is a little disingenuous unless Windows 10 is a truly single-user OS.

Are Live tiles pinned to your start bar completely independent of user, or do different users have different settings for that?

If the machine has only one user and that user has turned it off, there's no legitimate reason to be pulling it down. Of course, this is Microsoft we're discussing, so the question of legitimacy is moot; they're going to do whatever they want and ignore your settings.

Are Live tiles pinned to your start bar completely independent of user, or do different users have different settings for that? Response times and reactivity are king. Making sure the data is already there when a different user logs on, or when you go to the page to see what's available, is a thing.

Not saying there shouldn't be an easy way to really turn it off, but "no obvious need to poll" is a little disingenuous unless Windows 10 is a truly single-user OS.

Windows 10 (a/k/a NT v?) is actually a server-class multiuser OS, that has been hamstrung by greedy Microsoft Policy into behaving like a one-user-at-a-time OS.

Sad, actually.

Unlike OS X, which, while also acting sort of like a one-user-at-a-time OS, at least lets you spawn additional simultaneous User Sessions via Remote, if you wish. And even when it is acting like a one-user-at-a-time OS, I believe that the other Users' sessions are kept alive and logged-in, which I'm not sure is the case with Windows

Windows 10 is clearly not a single user computer but straight up a part of a marketing botnet https://en.wikipedia.org/wiki/... [wikipedia.org] on every computer which has it installed. You watch MS brag about growth in Bing hits and demand more money from advertisers, every Google search on windows 10 looks to trigger a corresponding Bing search without the user knowing, watch M$'s search market share grow, without end users ever requesting it or seeing any of the results. Once a windows 10 computer is plugged into the i

As Win 10 is an 'in progress' project M$ can acquire that kind of power (if it does not already have it) and toggle the 'kill' switch any time it wants.

Win 10 is becoming the largest security threat there ever is.

Because of that I have decided to not upgrade any of my company's computers (which run Windoze) to Win 10. All the computers that are needed to be retired will be replaced with computers running any OS other than Win 10.

I distrust Microsoft and their new privacy directions, but you're not being honest by withholding the full section you pulled that from:

Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to:

comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies;

protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone;

operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or

protect the rights or property of Microsoft, including enforcing the terms governing the use of the services - however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer's private content ourselves, but we may refer the matter to law enforcement.

Please note that some of our services include links to services of third parties whose privacy practices differ from Microsoft's. If you provide personal data to any of those services, your data is governed by their privacy statements.

OpenWRT builds should soon come with "none of this telemetry shit" big red switch on the frontpage. And not just Msft, but apple, oracle, etc included. And then, i want OpenWRT built into a usb-ethernet dongle that i can take with me to travel.

You are wedged so firmly on their Johnson that you have finally realized you need a full fledged auto-updating APPLICATION FIREWALL sitting between your computer and the internet just to stop junk from getting out to Microsoft, and you are like SEEMS REASONABLE BRO. Give me a fucking break!

Riot or use Linux. Don't pretend you can keep up with Patch Tuesday, which will change what settings you need to protect yourself constantly. You are literally and finally at the point where you need a whole BSD or rea

They don't know me. They have no means of verifying what I tell them. And I do know them, and I know that they'll try and try and try to find a way to make my usage profitable. The only question is, "How can I use their greedy nature to benefit me?"

First, I need to know what benefit I want. If it's privacy I want, then nothing works better against a myopic panopticon than a disguise of misinformation. We already know they can "see" my usage and other statistics. But they can't verify.

>No amount of litigation or hacking will change that.I hear OSX doesn't do this, though you gotta fuck with settings. If Microsoft doesn't recant on this outright heresy, there will be a workaround for those that care and use Windoze, but it will be ugly.

>We would be wise to keep our efforts focused on freedom on the electronic frontier.Install Linux, Problem Solved.

> Keep it legal to do all the things we want to do, because we will not be able

Hacking free software continues to prove fruitful. In fact, some people use it and rely on it for their freedoms (such as Edward Snowden). But proprietary software is long known to be untrustworthy by default, no matter who the proprietor is or what excuse they (or their water carriers) have for denying users software freedom. So there's no gain to be had in a capitulation view. Privacy and other freedoms are worth fighting for and there's plenty of good to be had in the fight. Some of those fights take the

Now this http://store.steampowered.com/... [steampowered.com] makes a whole lot more sense. Obviously Steam paid attention to the most important thing about windows, the only binding power computer users to windows was high end games and power users will never ever accept privacy invasive practices on a desktop. Mobile phone invasiveness causes grumbles but hey you can always use you desktop or notebook instead for secure oh wait, FUCK YOU MICROSOFT;D. So Linux for the internet and work and Steam for gaming, so how long bef

I actually agree with the first AC, there is no such a thing as complete privacy. I agree that I don't want to live in some 1984 type of world where the government knows all my thoughts or what ever. But I'm a realist and there is almost no amount of off the grid that you can go as to get real privacy, the only way for that to happen is if you were the last person on the planet. It should be viewed more as keeping the freedom to do what we want, because let's face it, there is not a computer system made, th

I actually agree with the first AC, there is no such a thing as complete privacy. I agree that I don't want to live in some 1984 type of world where the government knows all my thoughts or what ever. But I'm a realist and there is almost no amount of off the grid that you can go as to get real privacy,

There is no such thing as a complete vacuum. Even in interstellar space.

--"Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary."

Being certain of something doesn't make it true. You are, I am afraid, quite wrong... the very idea of an "unhackable computer" is built on a flawed premise, which is that it is somehow a computable function to determine what an arbitrary computer program is actually supposed to behave like.

Even fixed function devices can be hacked and used for purposes other than what they were intended for, Trying to do that for a general purpose computer is logically equivalent to solving the Halting Problem, which can be logically proven to have no possible solution.

This guy knows what's up. GP is retarded. An "unhackabale computer" is a logical impossibility. Privacy can be protected by technology, but privacy invasion can only be curtailed by political action. It's about making it illegal to invade your privacy, and punishing people who do.

It is hands down the biggest disaster in computing history. The interesting part is how Enterprise will, eventually, not have any of these spyware bugs, so the challenge for the die hard win-heads will be to pirate and use Enterprise. I'm not really sure if it counts as piracy- you're really just looking for the patch set of the OS you are buying (Pro) that doesn't upload every little thing you do to Microsoft, and since the only entities with privacy rights are corporations, you have to use the stuff mea

It's good these posts come out, but having worked with it, it's probably just a case of some calls that didn't check for the telemetry lockdown registry key. Say what you will, but it's not likely they have a secret cabal going to collect which live tiles you resized to "large" or unpinned. There's enough of us that either ride with defaults or are actually OK with them learning how to make a better OS based on how we use it. Given how rushed it was on the last few months fixing major issues, it doesn't sur

No. It's not PEBKAC. Go fucking research. To stop Windows from talking, you need several privacy toggles, some of which won't toggle all the way. Then you need a registry workaround, because Windows is so about user friendliness that you need to modify DWORDS in their shitted up binary fuckfest. Then you need to disable like three services, and remove two binaries. Then you need a big hosts file, and that's becoming an issue because Windows will actually work around a hosts file in some cases, using a list of known IPs specifically to circumvent that. So for now, you can block them on your external firewall.

Eventually, you'll need a dedicated Application Firewall to block all that plus the mandatory Windows Update- you obviously don't want to allow Windows Update unless and until the Application Firewall has updated rules, because we can assume Microsoft will sidestep them weekly if allowed to. The advantage of that approach is that Microsoft can't beat it- it's not on their computer- and further, that you can eventually deep packet inspect and sanitize, allowing the use of Cortana with just the information YOU want to share with her.

Again, really, we need to get off Microcock. This level of drama- needing a second computer to use your first computer- is absolutely insane. But for those that want all those lesser applications that only have Windows support, this will be the option.

It's good these posts come out, but having worked with it, it's probably just a case of some calls that didn't check for the telemetry lockdown registry key. Say what you will, but it's not likely they have a secret cabal going to collect which live tiles you resized to "large" or unpinned. There's enough of us that either ride with defaults or are actually OK with them learning how to make a better OS based on how we use it. Given how rushed it was on the last few months fixing major issues, it doesn't surprise me that a few things slipped through.

One thing having always bugged me about this line of thinking is the quantity of traffic and number of systems out there that would all be generating these requests is simply enormous... must be one hell of a noise floor to go unnoticed.

Even if they are not of evil intent here, they still have broken design goals. Pre-caching stuff like this is always wrong if there is no option to disable. Always. There is no excuse for this, not even Microsoft's disingenuous standard response "it's for a better user experience." It slows down the computer slightly so that you can get a ridiculously stupid feature to work slightly faster. They're still stuck on the idea that silly phone apps on a computer are a good idea. I don't turn on my computer

It sounds crazy. But there are major corporations that routinely plan to upgrade to the latest OS as soon as possible. I kid you not, but this includes major defense contractors. We all laughed at Windows 8, but the people with the missiles went and rolled it out. I have no doubt some of these places are rolling out Windows 10. This is not driven by the corporate leadership though, but by hordes of IT people who double as the vanguard of Microsoft's marketing forces.

I've recently been trying to shut down Microsoft's gathering of telemetry from my Windows 7 PC. I am seeing the performance-draining results of this telemetry gathering process [infoworld.com].

.
When I start up my PC in the morning, the hard drive just grinds away for about 5 or 10 minutes, and the CPU is sluggish. At first I thought it was an A/V scan, so I removed my A/V. No effect.

Then I stumbled upon the InfoWorld article, and removed the Windows Updates that were mentioned in the article. The scanning stopped. Until I did a Windows Update earlier this week. And I had to remove once again the offending updates.

Friend, I'll tell you what's 'going on in Redmond': The same thing that goes on at Facebook, and countless other companies these days: You are the product they're selling, and you're paying for the 'privilege' of being such by buying Windows 10. They're collecting data from your computer whether you like it or not, and selling that data to someone else.

It is interesting to see not only the technical influence, but the design philosophy inherited from the Skype acquisition: That is, from the perspective of a running service, it's perfectly ok or even desirable to worm your way out and communicate with the hivemind, no matter what the user says. For example, if the user configures the app not to communicate with a voip service, the app will respect the exact letter of the user's intent -- not to make voip calls or display presence -- but it will still update itself, download patches, and update directory data so that you *could* make voip calls if you changed your mind... which it will assume you did at the next update when the settings are reset to default-open...

Opting out entirely is within reach for most people/orgs, it's the momentum that keeps people choosing this crapware. I keep Windows around because I like Visio, but my company does everything else in Google services, so my main machine for actual work has been Linux Mint for several years. The kids have Windows tablets but never use them; they just use pocketable android for comm and big iron for gaming/steam/AV/dev. It's not even worth much effort to criticize msft, they're not going to stop doing stupid things, they don't offer an advantage at the consumer level anymore, and I just don't have the time for it.

(Now, ask me as a security geek, do I like having windows event data along with netflow? Sure thing, but the infrastructure to get that is insanely costly to license and run. I just wouldn't build a company that way anymore.)

Unfortunately true. It causes most people a great deal of anxiety to acknowledge there's a problem and that there are things they can do to mitigate it, because that means they have to learn about those things, which they fear will be outside their experience and abilities. As long as they're in the same boat as their friends and family, they feel the safety of numbers and can ignore the issue. The FUD mantra against Linux has always been that you have to be an elite geek to install and use it; of course that's nonsense but people believe it. It creates a lot of fear and trepidation that they'll be in over their heads if they even try, and so they don't.

It's not FUD... Whatever the year of the Linux desktop people want you to believe, it's just not that easy for most people to switch. The skepticism you have "Windows 10 is free, what's the catch?", is the same thing I hear when I tell people about Ubuntu. "It's free, how could it possible be good if it's free?" Then you tell them that it will change the look and feel of a computer they've used for years. Then you have to admit that their Windows apps won't work. Then confess that they will have a much smaller selection of software available to them. yeah, sign me up right away, is not the response you should expect.

Despite huge improvements, Linux desktop is still NOT for the average user. It's for the average user that has a knowledgeable friend to help them setup things, to install Windows apps under WINE when possible, to help them find replacement apps for all the things they use, and to help them get used to the quirks of Linux. I've got my mother in law's laptop running perfectly under Ubuntu and she loves it, but there's no way on earth she'd ever have done it herself, even if her future self could send a note back in time and tell her how much better it was.

WE don't think it's that hard or intimidating because we play with this stuff all the time and tend to forget we've grown along with the Linux desktop and take a lot of acquired knowledge for granted.

A lot of people are still running Windows XP (and earlier) for much the same reason. It works as well as it ever did for them (not considering the security issues), they've acclimated to it, and who knows what may go wrong with an update? Will their old familiar apps still work, or will they have to shell out hundreds of $$ to update those too?

> It is interesting to see not only the technical influence, but the design philosophy inherited from the Skype acquisition:

It's consistent with Skype: it was hardly unique to them. It's inherent in Microsoft's registration models, their "Trusted Computing" encryption key architecture, and the very poor security of MS File Sharing itself. You _cannot_ use Powershell to administer your host if you block sharing your entire C: drive as the hidden share \\hostname\c$. A security model that says "to use admi

Cool, thanks, just did an IP lookup on it and got back 207.46.7.252. I just made a new outband rule in my firewall blocking all outbound traffic from all applications to 207.46.7.252. Hopefully that should solve the problem.It isn't that hard to do, I would like to see any other servers windows tries to contact that it dose not need to so I can block them too.

Walker flat out lied about anti-Walker protesters damaging the state capital building. Not only did the protesters do _less_ damage than any other group that size that had used the capital grounds (as documented by the building & ground dept) but they brought trash bags and cleaned up the area afterwards. Walker repeated released utterly false and fabricated statements to the opposite. That tells you all you need to know about hi

Similar to IBM, MSFT could easily charge $50 for Windows XP maintenance PER YEAR AND SEAT. Since XP, there has been NO CUSTOMER VALUE ADDED. Actually, they destroyed lots of customer value by permuting things so that they could call it "new".

Many customers know this and it has burned their business.

The next step in their suicidal plan is to continue charging for their Permuted XP versions, but at the same time collect and sell data like Google. Now, that sounds like an excellent plan to destroy the modicum

In windows 7 I disabled every call home excuse under the sun from UI, group policy, CLI, scheduler... Must have spent hours disabling various bullshit yet despite considerable efforts windows 7 still keeps making connections to settings.data.microsoft.com, telemetry.microsoft.com with nothing running, with updates set to manual while doing absolutely nothing but executing tcpdump. In the end I gave up and blackholed these sites in DNS to get it to stop.

To be clear I am not nor would I ever make the lame argument that windows 7 does it too as an excuse to give win10 a pass or cover to try and justify a fundamentally indefensible activity. Microsoft's squandering of their customers trust will ultimately only end badly for them. Wireshark is your friend... try it and see what all windows 7 is doing don't assume that Windows 7 is trustworthy.

--"Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary."

Telemetry and error reporting cannot be effectively disabled on 10, because Microsoft refuses to make Enterprise available via retail channels.

This AC is also remaining on 7 here. And has refused to install the offending updates (KB3068708 KB3022345 KB2952664 KB2990214 KB3035583 KB971033 KB3021917 KB3044374) from Windows Update. (Another thing that cannot be disabled in Win10.)

I'm waiting until I stop seeing a deluge of shit like this before I un-hide the update to upgrade to windows 10, from windows 7. Remember how Microsoft went goddamned insane when they released the latest Xbox? Remember how they eventually fixed the incredibly privacy-raping idiocy? Still waiting. Gonna keep waiting. If they never come around, that's OK. Windows 7 should keep working for me for some time.

Nice rose-colored glasses you're wearing there. Remember how XP was derided as bloated and memory-heavy when it was first released? Remember how it's interface was ridiculed for looking like a PlaySkool toy? How about it's disastrous security record, especially before Service Pack 2 was released? I especially loved that a faulty driver audio driver could end up causing a blue-screen for the entire system. And don't forget about that 64-bit version of the OS that no one used because it wasn't compatible

Actually, Apple does have the settings. In OS X, since 10.10, it has been due to Spotlight doing online queries. In iTunes, for many years, it has been due to their suggestions system and retrieving additional data about your music.

It is, as the article suggests, the price of convenience. It would be nice though if you had the option to turn off those conveniences if you don't want them.

Actually, Apple does have the settings. In OS X, since 10.10, it has been due to Spotlight doing online queries. In iTunes, for many years, it has been due to their suggestions system and retrieving additional data about your music.

It is, as the article suggests, the price of convenience. It would be nice though if you had the option to turn off those conveniences if you don't want them.

There is a Vas Deferens between what Spotlight (for "Spotlight Suggestions") and iTunes does and what Windows 10 is doing. For one thing, Apple is straightforward about what is, and what is not, sent to Apple and/or Microsoft from Spotlight. And more importantly, Apple has a nice, simple GUI way to disable "Spotlight Suggestions" [apple.com].

As far as iTunes goes, if you are referring to the "Genius" feature, unless you turn on iTunes Match, you can disable the Genius feature (which I think is now called "Share details about your library with Apple"). If you are referring to retrieving CD Song Names and other info from the internet, you can disable that, too. Both are available as simple GUI checkboxes in iTunes' Preferences, along with the SWITCHABLE "Share details about your library with Apple", "Limit Ad Tracking", "Automatically download album artwork", "Always check for available downloads", "Sync playback information across devices", "Sync podcase subscriptions and settings", and "check for new software updates automatically".

So, compare that with what TFA says about Windows 10 still leaking data no-matter-what, and I think that any sensible person will agree that there is virtually no comparison between the two "mindsets".

Microsoft were pursued by the DoJ once, for antitrust violations. The case ran for nine years, eventually ending in 2000. Microsoft lost, and a court ordered the company be broken into two separate divisions. Then Microsoft appealed, and the DoJ quickly changed position and reached a settlement whereby they would drop the case and Microsoft would get a slap-on-the-wrist penalty of no consequence.

There was a change of administration during the case, so it is highly likely there was political meddling - someo

My thoughts exactly. If there is a hosts file (and they are not bypassing it for themselves) then shame on anyone who lets M$ phone home. If the host file is gone (which kills a lot of my abusive advertisement and malware protection) or bypassed then it is time to get the router to protect you from traffic going to Microsoft.

Another nice advantage of the hosts file or router hack is that the home version will wait until you believe it is safe to download those "security updates" and you actually want them, rather than forcing them on home users first to see how much damage is done before feeding them to business users. And I say that as an experienced computer user who has only had real harm done to his system twice, once by uninstalling something that left behind an updated DLL but uninstalled the other new DLL that the first one now needed (nice design Bill) and once by a "security update) that deliberately changed my NIC EEPROM so that Linux would not run properly on it (Thank you Microsoft for such aggressive security).